Privacy Policy

This Policy has been drafted in accordance with the General Data Protection Regulation (“CPC”) General Regulation on the Protection of Personal Data, which entered into force on May 23, 2018. This Policy describes how by which the Company uses and protects the personal data (hereinafter referred to as “Personal Data”) of natural persons (hereinafter “the Data”) which are disclosed to it either during the registration and use of the services of the Website through contracts with the underlying data (eg contracts with the Company’s employees). Also, this Policy describes how the Company collects, transmits, processes, uses and discloses the Personal Data of the Subjected Data and determines its practices regarding the safe processing thereof. By providing personal data to the Company (either directly or indirectly by allowing another person to provide your Personal Data on behalf of the Subjected Data), the Data subjects agree that this Policy applies to the manner in which the Company uses their Personal Data and agrees to collection, transfer, processing, use and disclosure thereof, as described herein. In the event that the Subjects do not agree with any part of this Policy, please do not provide any Personal Data. If they do not provide Personal Data or withdraw the consent they have given under this Policy, this may affect the Company’s ability to provide services or adversely affect the services that the Company may provide. This Policy does not in any way cover the relationship between the Subjective Data who use the Company’s Web Site and any services not subject to control and / or ownership of the Company’s Web Site. Given the nature and volume of the internet, under any circumstances, including negligence, the Company is not liable for any form of damage suffered by the Substance Data using the pages, services, choices and contents of the Company’s Web Site in which they make their own initiative and with the knowledge of the terms of this Policy.

Collection and Use of Personal Data
A. The Company collects Personal Data when:

The Subscribers register as members on the Company’s Web Site and make use of this service (by sending their order or in any other way) and / or to receive Company advertising / newsletters to be informed about the news of the Company, as well as new products and services provided by the Company (hereinafter referred to as “Prospectuses”)
the Data subjects communicate with the Company through their Web site
concludes contracts with the Underlying
B. In this context, the Company may collect, store and use the following types of Personal Data:

Information provided by the Data subject for the purpose of communicating with the Company, registering them on the Site (including sending them Prospectuses if they opt upon registration) and / or using the Company’s services and / or Site of Your Site
any other information that the Data subject chooses to disclose to the Company (either through its Web site or in any other way) and is relevant to the purpose of fulfilling its personal requests and relating to the subject of the Company (e.g. ordering and returning products, proposals for cooperation with the Company)
any information that the Data subject chooses to disclose to the Company for the purpose of concluding and executing a contract with it
Specifically, the information that the Company may collect from the Subjects either during their registration with the Site (including sending them in these Prospectuses if they opt upon registration) and / or on their use of the Services of the Web Site of their Site and / or communication with the Company, or through the general use of the services that relate to the Company’s subject matter (eg ordering and returning products, proposals for cooperation with the Company) j as follows:

Personal Information (e.g., First Name, Surname, Home Address, Telephone Number, E-mail Address)
Financial Data (eg Account Number)
Job Data (eg Job, Job Title / Job Title,, Place of Work)
C. The Company uses the Personal Data of the Subject Data for the following reasons:

Providing the requested Services to the Underlying
Information Submission information support for the provided services
the satisfaction of each Sub-Data order in relation to the services available from and through the Company’s Web Site
the response to queries and requests addressed to the Company by the Underlying
Updating the Subjects of Company News, new products and new offers / service categories by sending them to promotional / newsletters via emails unless they have requested not to receive such informative bulletins.
for internal purposes of the Company and quality assurance purposes
for the purpose of executing a contract by the Company
for other purposes as provided for or required by law (eg compliance of the Company with a legal or tax obligation, or for the protection of its vital interests or the interests of the Underlying Data, or when processing is necessary for purposes of the legitimate interests pursued by the Company)
Protection of the Personal Data of the Underlying
The Company shall take appropriate legal, organizational and technical measures to protect the Personal Data of the Subordinate Data as well as technical measures to protect the Personal Data of the Subject Data in accordance with the applicable data privacy and data security legislation. The Company uses a variety of security technologies and procedures to protect the Personal Data of the Subject Data from any unlawful destruction, loss, misuse or alteration, and from unauthorized or unauthorized processing, use or disclosure. The Company will delete or re-identify the Personal Data of the Subordinate Data as soon as it is no longer necessary for the provision of its services and / or the execution of its business purposes and / or the execution of the contract; or / or for legal reasons, or as otherwise provided by applicable law on the protection of Personal Data.

Non-Disclosure of Personal Data to Third Parties
The Company for the purpose of fulfilling the claims of the Subordinate Data regarding the orders made by them through the Company’s Website or for the return of products or for the fulfillment of any other relevant requests of the Subjected Data relating to the subject of the Company and the provided from this Service notifies the Personal Data of the Subordinate Data (name, surname, home address, telephone number) to the Company’s tachymeter times (courier). Subject to the above paragraph, the Company undertakes: (1) not to sell, hire or otherwise make any disclosure or disclosure of the Personal Data of the Subordinate Data to any third party. 2) not to disclose the Personal Data of its Subordinate Data to third natural and / or legal entities except: a) if the Data subject has expressly consented to it and (i) the third party (a natural or legal person, a partner / / service provider of the Company) has provided clear guarantees regarding the technical and organizational measures governing the processing to be performed and (ii) the third party (natural or legal person, collaborator / supplier / service provider of the Company) has entered into a written agreement (b) if this is due to the Company’s compliance with the relevant provisions of the law and to the competent and responsible authorities of the Company, in accordance with the provisions of the Law on the Protection of Personal Data; only prosecuting, police, investigating and judicial authorities responding to their request; (c) in relation to any legal / judicial proceedings or forthcoming legal / judicial proceedings; (d) for the purpose of establishing, exercising or defending s of legitimate interests – including the provision of information to regulatory, law enforcement or other authorities for purposes of preventing and combating fraud, unauthorized use of services and activity-illegal. The Company undertakes not to transmit Personal Data of the Subject Data to third countries outside the European Union without the prior written consent of the Subject Data unless the Company and the recipients of the Personal Data have concluded and use standard contractual clauses which(2010/87 / EU) have been approved by the European Commission and annexed to the Commission Decision of 5 February 2010 on the transfer of personal data to processors established in third countries.

Subject of Data Rights
The Data subjects may exercise the following rights deriving from the provisions of the CPC, as well as the applicable legislation that applies or supplements it or otherwise related to the processing of Personal Data of Natural Persons, together with the binding directives and codes of good practice practices issued from time to time by the relevant supervising authorities:

Information about the processing of their Personal Data and the legal basis for such processing and all information relating to such processing
Accessing and correcting your Personal Data when processing Data relating to them
Deleting their Personal Data if they are not necessary to provide a service
Limiting the processing of their Personal Data
Denial of the processing of their Personal Data
The portability of their Personal Data to another controller, ie the right of the Subordinate Data to receive their data in an appropriate format so as to make it technically transferable to another controller
For the exercise of these rights or for any queries the Data subjects may communicate with the Company:

Send an e-mail to info@chicard.gr or
In a letter to Genoaios Kolokotronis 35, 114741, Athens
Subjects may also at any time revoke their consent to the processing of their Personal Data (without retroactive effect) in one of the two above mentioned ways. In addition, the Data subjects retain (a) the right to submit a written complaint to the competent supervisory authority regarding the protection of their Personal Data, ie the Personal Data Protection Authority (1-3 Kifissias Avenue, PC 115 23, Athens, +30 210 6475600, contact e-mail contact@dpa.gr) and (b) the right of legal remedy if they believe that their Personal Data has been violated.

Links to other sites
The Company through its Site may occasionally provide links to third parties or incorporate third party websites. This Policy does not apply to these sites and the Company is not responsible for the privacy policies or practices of these web sites. If the Data Entrants choose to enter a linked site, they agree that the Company is not responsible for the availability of this site and does not control, endorse, or be liable in any way for:

how the Personal Data of the Subject Data are treated on these sites
the content of these websites
use of these sites by others
The Company advises the Undertakings to provide foreground and always check the legal and privacy statements posted on any linked site or mobile application before entering any of their Personal Data.

Applicable Law
The management and protection of the Personal Data of the Subordinate Data is governed by the terms of this section, the provisions of the CPC, which will enter into force on May 25, 2018, as well as the applicable Greek legislation implementing or supplementing the CPC or otherwise related to the processing of Personal Data of Natural Persons, together with the binding guidelines and codes of good practice that are issued from time to time by the relevant supervising authorities (see European Commission).

Modifications
The Company reserves the right to occasionally update this Policy and post the latest version on its Web Site at any time without notice. If substantial modifications are made, the Company may either post a relevant notice about the changes to its Site or notify the Data subject by sending a notice via the email address and / or the mobile phone number assigned to them by them. The Company encourages Podcasts to periodically review their Site and check for any modifications and periodic referrals to this Policy to remain informedthe way in which the Company contributes to the protection of the Personal Data that it collects. If the Data subject continues to use the Company’s Website, this implies that it agrees with this Policy and any updates. If a Data Subject does not comply with the privacy policy provided for in this Policy, it must not use the Company’s services. This Policy was last updated on May 23, 2018.